| Commit message (Expand) | Author | Age |
|---|
| ... | |
| | * | | Merge remote-tracking branch 'public/3122_memcmp_squashed' into bug3122_memcm...•••Conflicts throughout. All resolved in favor of taking HEAD and
adding tor_mem* or fast_mem* ops as appropriate.
src/common/Makefile.am
src/or/circuitbuild.c
src/or/directory.c
src/or/dirserv.c
src/or/dirvote.c
src/or/networkstatus.c
src/or/rendclient.c
src/or/rendservice.c
src/or/router.c
src/or/routerlist.c
src/or/routerparse.c
src/or/test.c
| Nick Mathewson | 2011-05-11 |
| | |\| |
|
| | | * | Hand-conversion and audit phase of memcmp transition•••Here I looked at the results of the automated conversion and cleaned
them up as follows:
If there was a tor_memcmp or tor_memeq that was in fact "safe"[*] I
changed it to a fast_memcmp or fast_memeq.
Otherwise if there was a tor_memcmp that could turn into a
tor_memneq or tor_memeq, I converted it.
This wants close attention.
[*] I'm erring on the side of caution here, and leaving some things
as tor_memcmp that could in my opinion use the data-dependent
fast_memcmp variant.
| Nick Mathewson | 2011-05-11 |
| | | * | Automated conversion of memcmp to tor_memcmp/tor_mem[n]eq•••This commit is _exactly_ the result of
perl -i -pe 's/\bmemcmp\(/tor_memcmp\(/g' src/*/*.[ch]
perl -i -pe 's/\!\s*tor_memcmp\(/tor_memeq\(/g' src/*/*.[ch]
perl -i -pe 's/0\s*==\s*tor_memcmp\(/tor_memeq\(/g' src/*/*.[ch]
perl -i -pe 's/0\s*!=\s*tor_memcmp\(/tor_memneq\(/g' src/*/*.[ch]
git checkout src/common/di_ops.[ch]
git checkout src/or/test.c
git checkout src/common/test.h
| Nick Mathewson | 2011-05-11 |
| * | | | Merge remote-tracking branch 'origin/maint-0.2.2'•••Conflicts:
src/common/address.c
src/common/compat_libevent.c
src/common/memarea.c
src/common/util.h
src/or/buffers.c
src/or/circuitbuild.c
src/or/circuituse.c
src/or/connection.c
src/or/directory.c
src/or/networkstatus.c
src/or/or.h
src/or/routerlist.c
| Nick Mathewson | 2011-04-07 |
| |\| | |
|
| | * | | Add XXX023s for our timestamp_dirty abuse. | Nick Mathewson | 2011-03-25 |
| * | | | Merge remote-tracking branch 'origin/maint-0.2.2' | Nick Mathewson | 2011-03-16 |
| |\| | |
|
| | * | | Move the decl for tor_gettimofday_cache_clear to the right header | Nick Mathewson | 2011-03-16 |
| * | | | Merge remote branch 'arma/optimistic_server' | Nick Mathewson | 2011-03-15 |
| |\ \ \ |
|
| | * | | | whitespace fixes to pass 'make check-spaces' | Roger Dingledine | 2011-03-15 |
| | * | | | Revise prop174 patch: make the circuit sendme calls unconditional.•••The circuit_consider_sending_sendme call should be unconditional,
since the circuit windows can move independent of the state of streams.
| Nick Mathewson | 2011-03-14 |
| | * | | | Implement server side of Proposal 174 (optimistic data)•••Ian's original message:
The current code actually correctly handles queued data at the
Exit; if there is queued data in a EXIT_CONN_STATE_CONNECTING
stream, that data will be immediately sent when the connection
succeeds. If the connection fails, the data will be correctly
ignored and freed. The problem with the current server code is
that the server currently drops DATA cells on streams in the
EXIT_CONN_STATE_CONNECTING state. Also, if you try to queue data
in the EXIT_CONN_STATE_RESOLVING state, bad things happen because
streams in that state don't yet have conn->write_event set, and so
some existing sanity checks (any stream with queued data is at
least potentially writable) are no longer sound.
The solution is to simply not drop received DATA cells while in
the EXIT_CONN_STATE_CONNECTING state. Also do not send SENDME
cells in this state, so that the OP cannot send more than one
window's worth of data to be queued at the Exit. Finally, patch
the sanity checks so that streams in the EXIT_CONN_STATE_RESOLVING
state that have buffered data can pass.
[...] Here is a simple patch. It seems to work with both regular
streams and hidden services, but there may be other corner cases
I'm not aware of. (Do streams used for directory fetches, hidden
services, etc. take a different code path?)
| Ian Goldberg | 2011-03-14 |
| * | | | | Merge remote branch 'origin/maint-0.2.2' | Nick Mathewson | 2011-03-15 |
| |\ \ \ \
| |/ / /
|/| / /
| |/ / |
|
| | * | | Fix comment for connection_edge_consider_sending_sendme | Nick Mathewson | 2011-03-15 |
| * | | | Merge branch 'maint-0.2.2' | Roger Dingledine | 2011-01-15 |
| |\| | |
|
| | * | | Sanity-check consensus param values•••We need to make sure that the worst thing that a weird consensus param
can do to us is to break our Tor (and only if the other Tors are
reliably broken in the same way) so that the majority of directory
authorities can't pull any attacks that are worse than the DoS that
they can trigger by simply shutting down.
One of these worse things was the cbtnummodes parameter, which could
lead to heap corruption on some systems if the value was sufficiently
large.
This commit fixes this particular issue and also introduces sanity
checking for all consensus parameters.
| Sebastian Hahn | 2011-01-15 |
| * | | | Merge remote branch 'origin/maint-0.2.2' | Nick Mathewson | 2011-01-03 |
| |\| | |
|
| | * | | Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2•••Conflicts:
src/common/test.h
src/or/test.c
| Nick Mathewson | 2011-01-03 |
| | |\| |
|
| | | * | Bump copyright statements to 2011 | Nick Mathewson | 2011-01-03 |
| * | | | Merge branch 'maint-0.2.2' | Roger Dingledine | 2010-12-19 |
| |\| | |
|
| | * | | Merge remote branch fix_security_bug_021 into fix_security_bug_022•••Conflicts:
src/common/memarea.c
src/or/or.h
src/or/rendclient.c
| Nick Mathewson | 2010-12-15 |
| | |\| |
|
| | | * | Make payloads into uint8_t.•••This will avoid some signed/unsigned assignment-related bugs.
| Nick Mathewson | 2010-12-15 |
| | | * | Backport END_STREAM_REASON_NOROUTE for client use.•••(Partial backport of 150ed553dfce9, 161b275028e90, and 4c948ffd6.)
| Sebastian Hahn | 2010-08-18 |
| * | | | Merge remote branch 'origin/maint-0.2.2'•••Conflicts:
src/or/relay.c
| Nick Mathewson | 2010-11-30 |
| |\| | |
|
| | * | | Revise comment on 2210 a little; clean up n_streams/num_streams confusion•••Also add a changes file
| Nick Mathewson | 2010-11-29 |
| | * | | Add wrappers function for libc random()•••On windows, it's called something different.
| Nick Mathewson | 2010-11-29 |
| | * | | Fix whitespace in patch for 2210 and backport to 0.2.2 | Nick Mathewson | 2010-11-29 |
| | * | | Improve fairness when activating streams in circuit_resume_edge_reading_helper••• The reason the "streams problem" occurs is due to the complicated
interaction between Tor's congestion control and libevent. At some point
during the experiment, the circuit window is exhausted, which blocks all
edge streams. When a circuit level sendme is received at Exit, it
resumes edge reading by looping over linked list of edge streams, and
calling connection_start_reading() to inform libevent to resume reading.
When the streams are activated again, Tor gets the chance to service the
first three streams activated before the circuit window is exhausted
again, which causes all streams to be blocked again. As an experiment,
we reversed the order in which the streams are activated, and indeed the
first three streams, rather than the last three, got service, while the
others starved.
Our solution is to change the order in which streams are activated. We
choose a random edge connection from the linked list, and then we
activate streams starting from that chosen stream. When we reach the end
of the list, then we continue from the head of the list until our chosen
stream (treating the linked list as a circular linked list). It would
probably be better to actually remember which streams have received
service recently, but this way is simple and effective.
| Mashael AlSabah | 2010-11-29 |
| * | | | Merge remote branch 'origin/maint-0.2.2' | Nick Mathewson | 2010-10-21 |
| |\| | |
|
| | * | | Send relay_early cells in rend circs•••There are no relay left that run version 0.2.1.3 through 0.2.1.18, so
changing this behaviour should be safe now.
| Sebastian Hahn | 2010-10-18 |
| * | | | Merge branch 'bug1992_part1' | Nick Mathewson | 2010-10-15 |
| |\ \ \ |
|
| | * | | | refactor all these tor_inet_ntoa idioms•••but don't refactor the ones that look messy
| Roger Dingledine | 2010-10-01 |
| * | | | | Fix a couple users of buf_datalen that slipped in. Found by Sebastian | Nick Mathewson | 2010-10-13 |
| * | | | | Initial conversion to use node_t throughout our codebase.•••A node_t is an abstraction over routerstatus_t, routerinfo_t, and
microdesc_t. It should try to present a consistent interface to all
of them. There should be a node_t for a server whenever there is
* A routerinfo_t for it in the routerlist
* A routerstatus_t in the current_consensus.
(note that a microdesc_t alone isn't enough to make a node_t exist,
since microdescriptors aren't usable on their own.)
There are three ways to get a node_t right now: looking it up by ID,
looking it up by nickname, and iterating over the whole list of
microdescriptors.
All (or nearly all) functions that are supposed to return "a router"
-- especially those used in building connections and circuits --
should return a node_t, not a routerinfo_t or a routerstatus_t.
A node_t should hold all the *mutable* flags about a node. This
patch moves the is_foo flags from routerinfo_t into node_t. The
flags in routerstatus_t remain, but they get set from the consensus
and should not change.
Some other highlights of this patch are:
* Looking up routerinfo and routerstatus by nickname is now
unified and based on the "look up a node by nickname" function.
This tries to look only at the values from current consensus,
and not get confused by the routerinfo_t->is_named flag, which
could get set for other weird reasons. This changes the
behavior of how authorities (when acting as clients) deal with
nodes that have been listed by nickname.
* I tried not to artificially increase the size of the diff here
by moving functions around. As a result, some functions that
now operate on nodes are now in the wrong file -- they should
get moved to nodelist.c once this refactoring settles down.
This moving should happen as part of a patch that moves
functions AND NOTHING ELSE.
* Some old code is now left around inside #if 0/1 blocks, and
should get removed once I've verified that I don't want it
sitting around to see how we used to do things.
There are still some unimplemented functions: these are flagged
with "UNIMPLEMENTED_NODELIST()." I'll work on filling in the
implementation here, piece by piece.
I wish this patch could have been smaller, but there did not seem to
be any piece of it that was independent from the rest. Moving flags
forces many functions that once returned routerinfo_t * to return
node_t *, which forces their friends to change, and so on.
| Nick Mathewson | 2010-10-01 |
| * | | | | Try to make most routerinfo_t interfaces const | Nick Mathewson | 2010-10-01 |
| |/ / / |
|
| * | | | Make a function to mark a connection and set hold_open_until_flushed. | Nick Mathewson | 2010-09-27 |
| * | | | Refactor users of buf_datalen to bufferevent-friendly version. | Nick Mathewson | 2010-09-27 |
| * | | | Teach read_event/write_event manipulators about bufferevents.•••Add an --enable-bufferevents config switch.
| Nick Mathewson | 2010-09-27 |
| |/ / |
|
| * | | I hear we are close to a release. Clean up the whitespace. | Nick Mathewson | 2010-09-16 |
| * | | Demote a warn when enabling CellStatistics•••When the CellStatistics option is off, we don't store cell insertion
times. Doing so would also not be very smart, because there seem to
still be some performance issues with this type of statistics. Nothing
harmful happens when we don't have insertion times, so we don't need to
alarm the user.
| Sebastian Hahn | 2010-09-16 |
| * | | Merge branch 'bug1184' | Nick Mathewson | 2010-09-15 |
| |\ \ |
|
| | * | | Never queue a cell on a marked circuit | Nick Mathewson | 2010-09-15 |
| | * | | Clear cell queues when marking or truncating a circuit.•••At best, this patch helps us avoid sending queued relayed cells that
would get ignored during the time between when a destroy cell is
sent and when the circuit is finally freed. At worst, it lets us
release some memory a little earlier than it would otherwise.
Fix for bug #1184. Bugfix on 0.2.0.1-alpha.
| Nick Mathewson | 2010-07-30 |
| * | | | Add a simple integer-ceiling-division macro before we get it wrong | Nick Mathewson | 2010-09-14 |
| * | | | Make circuit_resume_edge_reading_helper treat streams more fairly.•••Previously[*], the function would start with the first stream on the
circuit, and let it package as many cells as it wanted before
proceeding to the next stream in turn. If a circuit had many live
streams that all wanted to package data, the oldest would get
preference, and the newest would get ignored.
Now, we figure out how many cells we're willing to send per stream,
and try to allocate them fairly.
Roger diagnosed this in the comments for bug 1298.
[*] This bug has existed since before the first-ever public release
of Tor. It was added by r152 of Tor on 26 Jan 2003, which was
the first commit to implement streams (then called "topics").
This is not the oldest bug to be fixed in 0.2.2.x: that honor
goes to the windowing bug in r54, which got fixed in e50b7768 by
Roger with diagnosis by Karsten. This is, however, the most
long-lived bug to be fixed in 0.2.2.x: the r54 bug was fixed
2580 days after it was introduced, whereas I am writing this
commit message 2787 days after r152.
| Nick Mathewson | 2010-09-13 |
| * | | | Add a max_cells arg to connection_edge_process_raw_inbuf•••I'm going to use this to implement more fairness in
circuit_resume_edge_reading_helper in an attempt to fix bug 1298.
(Updated with fixes from arma and Sebastian)
| Nick Mathewson | 2010-09-13 |
| * | | | Fix function declaration linebreaks at start of relay.c | Nick Mathewson | 2010-09-13 |
| * | | | be more consistent in using streamid_t | Nick Mathewson | 2010-09-08 |
| * | | | Fix a missing stream_id argument; found by "tracktor" | Nick Mathewson | 2010-09-03 |
| * | | | Fix behavior of adding a cell to a blocked queue.•••We frequently add cells to stream-blocked queues for valid reasons
that don't mean we need to block streams. The most obvious reason
is if the cell arrives over a circuit rather than from an edge: we
don't block circuits, no matter how full queues get. The next most
obvious reason is that we allow CONNECTED cells from a newly created
stream to get delivered just fine.
This patch changes the behavior so that we only iterate over the
streams on a circuit when the cell in question came from a stream,
and we only block the stream that generated the cell, so that other
streams can still get their CONNECTEDs in.
| Nick Mathewson | 2010-09-02 |
| * | | | Detect if we try to put a cell onto a supposedly blocked cell queue.•••When this happens, run through the streams on the circuit and make
sure they're all blocked. If some aren't, that's a bug: block them
all and log it! If they all are, where did the cell come from? Log
it!
(I suspect that this actually happens pretty frequently, so I'm making
these log messages appear at INFO.)
| Nick Mathewson | 2010-08-18 |